allyomalley
iOS Developer and Mobile Hacker Certified GIAC Mobile Device Security Analyst (GMOB) + GIAC Penetration Tester (GPEN)
Software Engineer at SalesforcePalo Alto, CA
Pinned Repositories
BurpParamFlagger
A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or LFI.
collectCertInfo
Collects basic SSL certificate information from a list of targets and stores results in a SQLite database.
dnsobserver
A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack.
LiveTargetsFinder
Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts and gather service information
MailBot
Tool to automatically email results from your Python scripts to your inbox as text or as a file attachment, storing the sender email account's password securely in the keychain.
needle
The iOS Security Testing Framework
p12Cracker
A simple tool to brute force a password-protected PFX/P12 file
p12CrackerGo
A simple Go script to concurrently brute force a password-protected PKCS#12 (PFX/P12) file
pentest_scripts
Various pentesting scripts, focusing on iOS and network security
s3Takeover
Automate the process of an S3 bucket subdomain takeover via dangling CNAME record
allyomalley's Repositories
allyomalley/LiveTargetsFinder
Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts and gather service information
allyomalley/dnsobserver
A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack.
allyomalley/BurpParamFlagger
A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or LFI.
allyomalley/p12Cracker
A simple tool to brute force a password-protected PFX/P12 file
allyomalley/s3Takeover
Automate the process of an S3 bucket subdomain takeover via dangling CNAME record
allyomalley/pentest_scripts
Various pentesting scripts, focusing on iOS and network security
allyomalley/p12CrackerGo
A simple Go script to concurrently brute force a password-protected PKCS#12 (PFX/P12) file
allyomalley/MailBot
Tool to automatically email results from your Python scripts to your inbox as text or as a file attachment, storing the sender email account's password securely in the keychain.
allyomalley/collectCertInfo
Collects basic SSL certificate information from a list of targets and stores results in a SQLite database.
allyomalley/needle
The iOS Security Testing Framework
allyomalley/go-bitbucket
Unofficial Go client library for bitbucket.org, auto-generated from official OAI spec. NOT a fork of or otherwise related to other go-bitbucket clients.
allyomalley/VoteTracker
VoteTracker iOS App